Cyber theft of customer records hits Coinbase ahead of S&P 500 inclusion
The news: Coinbase, the largest US crypto exchange, said hackers bribed contractors and employees working in support roles outside the US to steal customer data and demanded a USD20 million ($31.25 million) ransom, just days before the company is set to join the S&P 500.
The criminals accessed names, addresses, emails, account data and images of government-issued ID documents of a “small subset” of customers, but did not obtain passwords, keys or funds, it said.
Less than 1% of monthly transacting users were affected, and Coinbase said it will reimburse customers who were tricked into sending funds.
What they said: The company’s co-founder Brian Armstrong in a social media post said it will not pay the ransom and instead offered a USD20 million reward for information leading to the attackers’ arrest and conviction.
The attackers had approached overseas customer support agents with bribes as part of a social engineering campaign, he said. Coinbase said those involved were fired, and it is opening a new support hub in the US while increasing security controls for affected users.
The numbers: The incident could cost the San Francisco-based firm between USD180 million and USD400 million in remediation costs and voluntary reimbursements.
Coinbase shares fell as much as 8.83% on the news. Still, they remain 24% higher for the week, buoyed by Monday’s announcement from S&P Global that the company will be added to the US market benchmark.
The sources: Coinbase´s Brian Armstrong, Financial Times, Reuters, Bloomberg